unserializing

[traq]

Question:
say I have an array that has been serialized for storage in a database:

PHP Code:

$pull['job']=array('graphic design', 'web design'); $pull['job']=serialize($pull['job']); 


This will be retrieved from the database alongside other, non-serialized values:

PHP Code:

$pull['name']='Adrian';
$pull['job']='a:2:{i:0;s:17:"graphic design";i:1;s:10:"web design";}'; 


Is there a way that if can check each element of the returned array to see if it is a serialized string vs. a regular string? Or do I just have to remember which strings I serialized in the first place?

thanks, everyone

[djr33]

You could serialize everything as you put it in the database, then unserialize as you get it out. That would be inefficient but easier to manage.

I don't believe there is a way to tell because it just generates text: that is the idea of serializing-- storing non-text elements in a text-form. So you can check that it is text (ie, not another type of data, like array), but serializing makes it ALL text, so that won't do you any good.

Alternatively you could set a marker:
1. Make a custom function called "serializecust()" and within that a) serialize any input, b) return "!SERIALIZED!".$output
2. Use that function for anything going into the database.
3. When pulling things out of the database run them through a function that checks with just a quick mask of strpos() to see that your marker is at the beginning of the string. If it is at the beginning, then use unserializecust() in which you'll remove marker: substr($str,0,strlen($MARKER)) and then unserialize. If it isn't serialized, just return the string.

However, that really isn't much faster overall than just serializing/unserializing all data in/out of the database.


The short answer to your question is unfortunately not, unless you want to guess at predicting the characters that a serialized string would contain. A human could likely tell just by looking at the text, but the computer won't have this advantage-- you'd have to accurately predict all signs one way or the other. Theoretically someone may have tried this, so search google. But it would be unreliable anyway.

I'm not really sure what serialize does to all data, either, so it might be an innacurate method to check. (Wouldn't serialize("test") just result in "test"?)

And in theory you might have what is "serialized" as an example, like in a tutorial, and that is actually "text" rather than an object, because you are just demonstrating (or it happens to also be unserializable). So that would cause conflicts.

[traq]

it results in s:4:"test";. So, not only is serializing it inefficient, it also takes up more space in the DB.

I think I'll just stick with remembering which items were serialized to begin with. I was hoping to find an existing, reliable method to do this (to make a generic retrieval function).

I could also do something like:

PHP Code:

<?php
foreach($DBstring as $DBs){
   $DBs = is_array(unserialize($DBs)) ? unserialize($DBs) : $DBs;
}
?>

but that would probably take even longer, and it doesn't look like it would really simplify anything, either.

Thanks for your help!